Key manipulation functions for use with public keys.

Tor does some interesting and nonstandard things with its curve25519 and ed25519 keys, for several reasons.

In order to prove ownership of a curve25519 private key, Tor converts it into an ed25519 key, and then uses that ed25519 key to sign its identity key. We implement this conversion with convert_curve25519_to_ed25519_public and convert_curve25519_to_ed25519_private.

In Tor’s v3 onion service design, Tor uses a key blinding algorithm to derive a publicly known Ed25519 key from a different Ed25519 key used as the .onion address. This algorithm allows directories to validate the signatures on onion service descriptors, without knowing which services they represent. We implement this blinding operation via blind_pubkey.

TODO

Recommend more standardized ways to do these things.

Structs

An “expanded” secret key.

An ed25519 keypair.

An ed25519 public key.

An EdDSA secret key.

Ed25519 signature.

Enums

An error occurred during a key-blinding operation.

Functions

Convert a curve25519 public key (with sign bit) to an ed25519 public key, for use in ntor key cross-certification.
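
The public-key conversion described above, and the reason it needs a separate sign bit, can be seen in the arithmetic itself. The following Python is an added example, not code from this crate: the function names are hypothetical, and it assumes the standard birational map y = (u - 1)/(u + 1) between the Montgomery and Edwards forms of the curve.

```python
from typing import Optional

P = 2**255 - 19          # field prime shared by curve25519 and ed25519
MASK255 = (1 << 255) - 1


def curve25519_to_ed25519_public(u_bytes: bytes, signbit: int) -> Optional[bytes]:
    """Map a 32-byte X25519 public key (u-coordinate) to a compressed
    ed25519 public key via y = (u - 1) / (u + 1) mod P.

    An X25519 key carries no x-coordinate sign, so the caller must supply
    it as `signbit` (0 or 1); it is stored in the top bit of the encoding.
    """
    if len(u_bytes) != 32 or signbit not in (0, 1):
        raise ValueError("need 32 bytes and a sign bit of 0 or 1")
    # RFC 7748: the top bit of the u-coordinate is ignored, then reduce mod P.
    u = (int.from_bytes(u_bytes, "little") & MASK255) % P
    if (u + 1) % P == 0:
        return None  # u = -1 has no image: the denominator is not invertible
    y = (u - 1) * pow(u + 1, P - 2, P) % P  # division via Fermat inverse
    return (y | (signbit << 255)).to_bytes(32, "little")


def ed25519_to_curve25519_public(ed_bytes: bytes) -> Optional[bytes]:
    """Inverse direction, u = (1 + y) / (1 - y) mod P. The sign bit is
    discarded, which is why the forward conversion has to be told it."""
    if len(ed_bytes) != 32:
        raise ValueError("need 32 bytes")
    y = int.from_bytes(ed_bytes, "little") & MASK255
    if y >= P or y == 1:
        return None  # non-canonical y, or the identity point (1 - y = 0)
    u = (1 + y) * pow((1 - y) % P, P - 2, P) % P
    return u.to_bytes(32, "little")


# Constructed sample input: the curve25519 base point, u = 9.
BASE_U = (9).to_bytes(32, "little")

if __name__ == "__main__":
    for bit in (0, 1):
        ed = curve25519_to_ed25519_public(BASE_U, bit)
        print(bit, ed.hex(), ed25519_to_curve25519_public(ed) == BASE_U)
```

With sign bit 0 the base point maps to the ed25519 base point encoding; both sign bits map back to the same curve25519 key, so a verifier must be given the bit along with the key.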